[pve-network.git] / PVE / Network / SDN / Controllers / EvpnPlugin.pm

package PVE::Network::SDN::Controllers::EvpnPlugin;

use strict;
use warnings;

use PVE::INotify;
use PVE::JSONSchema qw(get_standard_option);
use PVE::Tools qw(run_command file_set_contents file_get_contents);

use PVE::Network::SDN::Controllers::Plugin;
use PVE::Network::SDN::Zones::Plugin;
use Net::IP;

use base('PVE::Network::SDN::Controllers::Plugin');

sub type {
    return 'evpn';
}

sub properties {
    return {
	asn => {
	    type => 'integer',
	    description => "autonomous system number",
	},
	peers => {
	    description => "peers address list.",
	    type => 'string', format => 'ip-list'
	},
    };
}

sub options {
    return {
	'asn' => { optional => 0 },
	'peers' => { optional => 0 },
    };
}

# Plugin implementation
sub generate_controller_config {
    my ($class, $plugin_config, $controller_cfg, $id, $uplinks, $config) = @_;

    my @peers;
    @peers = PVE::Tools::split_list($plugin_config->{'peers'}) if $plugin_config->{'peers'};

    my $local_node = PVE::INotify::nodename();

    my $asn = $plugin_config->{asn};
    my $ebgp = undef;
    my $loopback = undef;
    my $autortas = undef;
    my $bgprouter = find_bgp_controller($local_node, $controller_cfg);
    if($bgprouter) {
	$ebgp = 1 if $plugin_config->{'asn'} ne $bgprouter->{asn};
	$loopback = $bgprouter->{loopback} if $bgprouter->{loopback};
	$asn = $bgprouter->{asn} if $bgprouter->{asn};
	$autortas = $plugin_config->{'asn'} if $ebgp;
    }

    return if !$asn;

    my $bgp = $config->{frr}->{router}->{"bgp $asn"} //= {};

    my ($ifaceip, $interface) = PVE::Network::SDN::Zones::Plugin::find_local_ip_interface_peers(\@peers, $loopback);

    my $remoteas = $ebgp ? "external" : $asn;

    #global options
    my @controller_config = (
	"bgp router-id $ifaceip",
	"no bgp default ipv4-unicast",
	"coalesce-time 1000",
    );

    push(@{$bgp->{""}}, @controller_config) if keys %{$bgp} == 0;

    @controller_config = ();
    
    #VTEP neighbors
    push @controller_config, "neighbor VTEP peer-group";
    push @controller_config, "neighbor VTEP remote-as $remoteas";
    push @controller_config, "neighbor VTEP bfd";

    if($ebgp && $loopback) {
	push @controller_config, "neighbor VTEP ebgp-multihop 10";
	push @controller_config, "neighbor VTEP update-source $loopback";
    }

    # VTEP peers
    foreach my $address (@peers) {
	next if $address eq $ifaceip;
	push @controller_config, "neighbor $address peer-group VTEP";
    }

    push(@{$bgp->{""}}, @controller_config);

    # address-family l2vpn
    @controller_config = ();
    push @controller_config, "neighbor VTEP activate";
    push @controller_config, "advertise-all-vni";
    push @controller_config, "autort as $autortas" if $autortas;
    push(@{$bgp->{"address-family"}->{"l2vpn evpn"}}, @controller_config);

    return $config;
}

sub generate_controller_zone_config {
    my ($class, $plugin_config, $controller, $controller_cfg, $id, $uplinks, $config) = @_;

    my $local_node = PVE::INotify::nodename();

    my $vrf = "vrf_$id";
    my $vrfvxlan = $plugin_config->{'vrf-vxlan'};
    my $exitnodes = $plugin_config->{'exitnodes'};
    my $advertisesubnets = $plugin_config->{'advertise-subnets'};
    my $exitnodes_local_routing = $plugin_config->{'exitnodes-local-routing'};

    my $asn = $controller->{asn};
    my $ebgp = undef;
    my $loopback = undef;
    my $autortas = undef;
    my $bgprouter = find_bgp_controller($local_node, $controller_cfg);
    if($bgprouter) {
        $ebgp = 1 if $controller->{'asn'} ne $bgprouter->{asn};
	$loopback = $bgprouter->{loopback} if $bgprouter->{loopback};
	$asn = $bgprouter->{asn} if $bgprouter->{asn};
	$autortas = $controller->{'asn'} if $ebgp;
    }

    return if !$vrf || !$vrfvxlan || !$asn;

    # vrf
    my @controller_config = ();
    push @controller_config, "vni $vrfvxlan";
    push(@{$config->{frr}->{vrf}->{"$vrf"}}, @controller_config);

    #main vrf router
    @controller_config = ();
    push @controller_config, "no bgp ebgp-requires-policy" if $ebgp;
#    push @controller_config, "!";
    push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{""}}, @controller_config);

    if ($autortas) {
	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, "route-target import $autortas:$vrfvxlan");
	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, "route-target export $autortas:$vrfvxlan");
    }

    my $is_gateway = $exitnodes->{$local_node};

    if ($is_gateway) {

	if (!$exitnodes_local_routing) {
	    @controller_config = ();
	    #import /32 routes of evpn network from vrf1 to default vrf (for packet return)
	    push @controller_config, "import vrf $vrf";
	    push(@{$config->{frr}->{router}->{"bgp $asn"}->{"address-family"}->{"ipv4 unicast"}}, @controller_config);
	    push(@{$config->{frr}->{router}->{"bgp $asn"}->{"address-family"}->{"ipv6 unicast"}}, @controller_config);

	    @controller_config = ();
	    #redistribute connected to be able to route to local vms on the gateway
	    push @controller_config, "redistribute connected";
	    push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv4 unicast"}}, @controller_config);
	    push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv6 unicast"}}, @controller_config);
	}

	@controller_config = ();
	#add default originate to announce 0.0.0.0/0 type5 route in evpn
	push @controller_config, "default-originate ipv4";
	push @controller_config, "default-originate ipv6";
	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, @controller_config);
    } elsif ($advertisesubnets) {

	@controller_config = ();
	#redistribute connected networks
	push @controller_config, "redistribute connected";
	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv4 unicast"}}, @controller_config);
	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv6 unicast"}}, @controller_config);

	@controller_config = ();
	#advertise connected networks type5 route in evpn
	push @controller_config, "advertise ipv4 unicast";
	push @controller_config, "advertise ipv6 unicast";
	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, @controller_config);
    }

    return $config;
}

sub generate_controller_vnet_config {
    my ($class, $plugin_config, $controller, $zone, $zoneid, $vnetid, $config) = @_;

    my $exitnodes = $zone->{'exitnodes'};
    my $exitnodes_local_routing = $zone->{'exitnodes-local-routing'};

    return if !$exitnodes_local_routing;

    my $local_node = PVE::INotify::nodename();
    my $is_gateway = $exitnodes->{$local_node};
    
    return if !$is_gateway;

    my $subnets = PVE::Network::SDN::Vnets::get_subnets($vnetid, 1);
    my @controller_config = ();
    foreach my $subnetid (sort keys %{$subnets}) {
        my $subnet = $subnets->{$subnetid};
	my $cidr = $subnet->{cidr};
	push @controller_config, "ip route $cidr 10.255.255.2 xvrf_$zoneid";
    }
    push(@{$config->{frr}->{''}}, @controller_config);
}

sub on_delete_hook {
    my ($class, $controllerid, $zone_cfg) = @_;

    # verify that zone is associated to this controller
    foreach my $id (keys %{$zone_cfg->{ids}}) {
	my $zone = $zone_cfg->{ids}->{$id};
	die "controller $controllerid is used by $id"
	    if (defined($zone->{controller}) && $zone->{controller} eq $controllerid);
    }
}

sub on_update_hook {
    my ($class, $controllerid, $controller_cfg) = @_;

    # we can only have 1 evpn controller / 1 asn by server

    my $controllernb = 0;
    foreach my $id (keys %{$controller_cfg->{ids}}) {
	next if $id eq $controllerid;
	my $controller = $controller_cfg->{ids}->{$id};
	next if $controller->{type} ne "evpn";
	$controllernb++;
	die "only 1 global evpn controller can be defined" if $controllernb > 1;
    }
}

sub find_bgp_controller {
    my ($nodename, $controller_cfg) = @_;

    my $controller = undef;
    foreach my $id  (keys %{$controller_cfg->{ids}}) {
        $controller = $controller_cfg->{ids}->{$id};
        next if $controller->{type} ne 'bgp';
        next if $controller->{node} ne $nodename;
	last;
    }

    return $controller;
}


sub sort_frr_config {
    my $order = {};
    $order->{''} = 0;
    $order->{'vrf'} = 1;
    $order->{'ipv4 unicast'} = 1;
    $order->{'ipv6 unicast'} = 2;
    $order->{'l2vpn evpn'} = 3;
    $order->{'route-map'} = 200;

    my $a_val = 100;
    my $b_val = 100;

    $a_val = $order->{$a} if defined($order->{$a});
    $b_val = $order->{$b} if defined($order->{$b});

    if ($a =~ /bgp (\d+)$/) {
	$a_val = 2;
    }

    if ($b =~ /bgp (\d+)$/) {
	$b_val = 2;
    }

    return $a_val <=> $b_val;
}

sub generate_frr_recurse{
   my ($final_config, $content, $parentkey, $level) = @_;

   my $keylist = {};
   $keylist->{vrf} = 1;
   $keylist->{'address-family'} = 1;
   $keylist->{router} = 1;
   $keylist->{'route-map'} = 1;

   my $exitkeylist = {};
   $exitkeylist->{vrf} = 1;
   $exitkeylist->{'address-family'} = 1;

   # FIXME: make this generic
   my $paddinglevel = undef;
   if ($level == 1 || $level == 2) {
	$paddinglevel = $level - 1;
   } elsif ($level == 3 || $level ==  4) {
	$paddinglevel = $level - 2;
   }

   my $padding = "";
   $padding = ' ' x ($paddinglevel) if $paddinglevel;

   if (ref $content eq  'HASH') {
	foreach my $key (sort sort_frr_config keys %$content) {
	    if ($parentkey && defined($keylist->{$parentkey})) {
		push @{$final_config}, $padding."!";
		push @{$final_config}, $padding."$parentkey $key";
	    } elsif ($key ne '' && !defined($keylist->{$key})) {
		push @{$final_config}, $padding."$key";
	    }

	    my $option = $content->{$key};
	    generate_frr_recurse($final_config, $option, $key, $level+1);

	    push @{$final_config}, $padding."exit-$parentkey" if $parentkey && defined($exitkeylist->{$parentkey});
	}
    }

    if (ref $content eq 'ARRAY') {
	push @{$final_config}, map { $padding . "$_" } @$content;
    }
}

sub generate_controller_rawconfig {
    my ($class, $plugin_config, $config) = @_;

    my $nodename = PVE::INotify::nodename();

    my $final_config = [];
    push @{$final_config}, "log syslog informational";
    push @{$final_config}, "ip forwarding";
    push @{$final_config}, "ipv6 forwarding";
    push @{$final_config}, "frr defaults datacenter";
    push @{$final_config}, "service integrated-vtysh-config";
    push @{$final_config}, "hostname $nodename";
    push @{$final_config}, "!";

    if (-e "/etc/frr/frr.conf.local") {
	generate_frr_recurse($final_config, $config->{frr}->{vrf}, "vrf", 1);
	push @{$final_config}, "!";

	my $local_conf = file_get_contents("/etc/frr/frr.conf.local");
	chomp ($local_conf);
	push @{$final_config}, $local_conf;
    } else {
	generate_frr_recurse($final_config, $config->{frr}, undef, 0);
    }

    push @{$final_config}, "!";
    push @{$final_config}, "line vty";
    push @{$final_config}, "!";

    my $rawconfig = join("\n", @{$final_config});

    return if !$rawconfig;
    return $rawconfig;
}

sub write_controller_config {
    my ($class, $plugin_config, $config) = @_;

    my $rawconfig = $class->generate_controller_rawconfig($plugin_config, $config);
    return if !$rawconfig;
    return if !-d "/etc/frr";

    file_set_contents("/etc/frr/frr.conf", $rawconfig);
}

sub reload_controller {
    my ($class) = @_;

    my $conf_file = "/etc/frr/frr.conf";
    my $bin_path = "/usr/lib/frr/frr-reload.py";

    if (!-e $bin_path) {
	warn "missing $bin_path. Please install frr-pythontools package";
	return;
    }

    my $err = sub {
	my $line = shift;
	if ($line =~ /ERROR:/) {
	    warn "$line \n";
	}
    };

    if (-e $conf_file && -e $bin_path) {
	run_command([$bin_path, '--stdout', '--reload', $conf_file], outfunc => {}, errfunc => $err);
    }
}

1;
Commit	Line	Data
fa253735	1	package PVE::Network::SDN::Controllers::EvpnPlugin;
32602a38 AD	2
	3	use strict;
	4	use warnings;
cdf2c819	5
074d270b AD	6	use PVE::INotify;
074d270b AD	7	use PVE::JSONSchema qw(get_standard_option);
cdf2c819 TL	8	use PVE::Tools qw(run_command file_set_contents file_get_contents);
	9
	10	use PVE::Network::SDN::Controllers::Plugin;
1f543c5f	11	use PVE::Network::SDN::Zones::Plugin;
f23633dc	12	use Net::IP;
cdf2c819	13
f5eabba0	14	use base('PVE::Network::SDN::Controllers::Plugin');
32602a38 AD	15
32602a38 AD	16	sub type {
fa253735	17	return 'evpn';
8fb1ee7f AD	18	}
8fb1ee7f AD	19
32602a38 AD	20	sub properties {
32602a38 AD	21	return {
92526f0e TL	22	asn => {
	23	type => 'integer',
	24	description => "autonomous system number",
	25	},
	26	peers => {
	27	description => "peers address list.",
	28	type => 'string', format => 'ip-list'
	29	},
32602a38 AD	30	};
	31	}
	32
	33	sub options {
32602a38	34	return {
92526f0e TL	35	'asn' => { optional => 0 },
92526f0e TL	36	'peers' => { optional => 0 },
32602a38 AD	37	};
	38	}
	39
	40	# Plugin implementation
8fb1ee7f	41	sub generate_controller_config {
f23633dc	42	my ($class, $plugin_config, $controller_cfg, $id, $uplinks, $config) = @_;
32602a38	43
3caa7687 FG	44	my @peers;
3caa7687 FG	45	@peers = PVE::Tools::split_list($plugin_config->{'peers'}) if $plugin_config->{'peers'};
32602a38	46
f23633dc AD	47	my $local_node = PVE::INotify::nodename();
f23633dc AD	48
074d270b	49	my $asn = $plugin_config->{asn};
f23633dc AD	50	my $ebgp = undef;
	51	my $loopback = undef;
	52	my $autortas = undef;
	53	my $bgprouter = find_bgp_controller($local_node, $controller_cfg);
	54	if($bgprouter) {
	55	$ebgp = 1 if $plugin_config->{'asn'} ne $bgprouter->{asn};
	56	$loopback = $bgprouter->{loopback} if $bgprouter->{loopback};
	57	$asn = $bgprouter->{asn} if $bgprouter->{asn};
	58	$autortas = $plugin_config->{'asn'} if $ebgp;
	59	}
074d270b AD	60
074d270b AD	61	return if !$asn;
32602a38	62
92526f0e TL	63	my $bgp = $config->{frr}->{router}->{"bgp $asn"} //= {};
92526f0e TL	64
f23633dc	65	my ($ifaceip, $interface) = PVE::Network::SDN::Zones::Plugin::find_local_ip_interface_peers(\@peers, $loopback);
32602a38	66
f23633dc	67	my $remoteas = $ebgp ? "external" : $asn;
17854295	68
f23633dc	69	#global options
92526f0e TL	70	my @controller_config = (
	71	"bgp router-id $ifaceip",
	72	"no bgp default ipv4-unicast",
	73	"coalesce-time 1000",
	74	);
32602a38	75
f23633dc AD	76	push(@{$bgp->{""}}, @controller_config) if keys %{$bgp} == 0;
	77
	78	@controller_config = ();
	79
	80	#VTEP neighbors
	81	push @controller_config, "neighbor VTEP peer-group";
	82	push @controller_config, "neighbor VTEP remote-as $remoteas";
	83	push @controller_config, "neighbor VTEP bfd";
	84
	85	if($ebgp && $loopback) {
	86	push @controller_config, "neighbor VTEP ebgp-multihop 10";
	87	push @controller_config, "neighbor VTEP update-source $loopback";
	88	}
	89
	90	# VTEP peers
32602a38 AD	91	foreach my $address (@peers) {
32602a38 AD	92	next if $address eq $ifaceip;
f23633dc	93	push @controller_config, "neighbor $address peer-group VTEP";
7d35eaf5	94	}
074d270b	95
92526f0e	96	push(@{$bgp->{""}}, @controller_config);
074d270b	97
f23633dc	98	# address-family l2vpn
56cdcac9	99	@controller_config = ();
f23633dc	100	push @controller_config, "neighbor VTEP activate";
56cdcac9	101	push @controller_config, "advertise-all-vni";
f23633dc	102	push @controller_config, "autort as $autortas" if $autortas;
92526f0e	103	push(@{$bgp->{"address-family"}->{"l2vpn evpn"}}, @controller_config);
32602a38 AD	104
	105	return $config;
	106	}
	107
56cdcac9	108	sub generate_controller_zone_config {
f23633dc AD	109	my ($class, $plugin_config, $controller, $controller_cfg, $id, $uplinks, $config) = @_;
	110
	111	my $local_node = PVE::INotify::nodename();
0589eb09	112
1de0abc0	113	my $vrf = "vrf_$id";
0589eb09	114	my $vrfvxlan = $plugin_config->{'vrf-vxlan'};
f23633dc	115	my $exitnodes = $plugin_config->{'exitnodes'};
92d8effb	116	my $advertisesubnets = $plugin_config->{'advertise-subnets'};
3d135423	117	my $exitnodes_local_routing = $plugin_config->{'exitnodes-local-routing'};
f23633dc	118
56cdcac9	119	my $asn = $controller->{asn};
f23633dc AD	120	my $ebgp = undef;
	121	my $loopback = undef;
	122	my $autortas = undef;
	123	my $bgprouter = find_bgp_controller($local_node, $controller_cfg);
	124	if($bgprouter) {
	125	$ebgp = 1 if $controller->{'asn'} ne $bgprouter->{asn};
	126	$loopback = $bgprouter->{loopback} if $bgprouter->{loopback};
	127	$asn = $bgprouter->{asn} if $bgprouter->{asn};
	128	$autortas = $controller->{'asn'} if $ebgp;
	129	}
0589eb09 AD	130
	131	return if !$vrf \|\| !$vrfvxlan \|\| !$asn;
	132
92526f0e	133	# vrf
56cdcac9 AD	134	my @controller_config = ();
	135	push @controller_config, "vni $vrfvxlan";
	136	push(@{$config->{frr}->{vrf}->{"$vrf"}}, @controller_config);
0589eb09	137
f23633dc AD	138	#main vrf router
	139	@controller_config = ();
	140	push @controller_config, "no bgp ebgp-requires-policy" if $ebgp;
	141	# push @controller_config, "!";
	142	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{""}}, @controller_config);
659c27c2	143
f23633dc AD	144	if ($autortas) {
	145	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, "route-target import $autortas:$vrfvxlan");
	146	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, "route-target export $autortas:$vrfvxlan");
	147	}
0589eb09	148
b634e577 AD	149	my $is_gateway = $exitnodes->{$local_node};
b634e577 AD	150
0589eb09 AD	151	if ($is_gateway) {
0589eb09 AD	152
3d135423 AD	153	if (!$exitnodes_local_routing) {
	154	@controller_config = ();
	155	#import /32 routes of evpn network from vrf1 to default vrf (for packet return)
	156	push @controller_config, "import vrf $vrf";
	157	push(@{$config->{frr}->{router}->{"bgp $asn"}->{"address-family"}->{"ipv4 unicast"}}, @controller_config);
	158	push(@{$config->{frr}->{router}->{"bgp $asn"}->{"address-family"}->{"ipv6 unicast"}}, @controller_config);
0589eb09	159
3d135423 AD	160	@controller_config = ();
	161	#redistribute connected to be able to route to local vms on the gateway
	162	push @controller_config, "redistribute connected";
	163	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv4 unicast"}}, @controller_config);
	164	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv6 unicast"}}, @controller_config);
	165	}
0589eb09	166
56cdcac9	167	@controller_config = ();
0589eb09	168	#add default originate to announce 0.0.0.0/0 type5 route in evpn
56cdcac9 AD	169	push @controller_config, "default-originate ipv4";
	170	push @controller_config, "default-originate ipv6";
	171	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, @controller_config);
92d8effb AD	172	} elsif ($advertisesubnets) {
	173
	174	@controller_config = ();
	175	#redistribute connected networks
	176	push @controller_config, "redistribute connected";
	177	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv4 unicast"}}, @controller_config);
	178	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"ipv6 unicast"}}, @controller_config);
	179
	180	@controller_config = ();
	181	#advertise connected networks type5 route in evpn
	182	push @controller_config, "advertise ipv4 unicast";
	183	push @controller_config, "advertise ipv6 unicast";
	184	push(@{$config->{frr}->{router}->{"bgp $asn vrf $vrf"}->{"address-family"}->{"l2vpn evpn"}}, @controller_config);
0589eb09 AD	185	}
	186
	187	return $config;
	188	}
	189
3d135423 AD	190	sub generate_controller_vnet_config {
	191	my ($class, $plugin_config, $controller, $zone, $zoneid, $vnetid, $config) = @_;
	192
	193	my $exitnodes = $zone->{'exitnodes'};
	194	my $exitnodes_local_routing = $zone->{'exitnodes-local-routing'};
	195
	196	return if !$exitnodes_local_routing;
	197
	198	my $local_node = PVE::INotify::nodename();
	199	my $is_gateway = $exitnodes->{$local_node};
	200
	201	return if !$is_gateway;
	202
	203	my $subnets = PVE::Network::SDN::Vnets::get_subnets($vnetid, 1);
	204	my @controller_config = ();
	205	foreach my $subnetid (sort keys %{$subnets}) {
	206	my $subnet = $subnets->{$subnetid};
	207	my $cidr = $subnet->{cidr};
	208	push @controller_config, "ip route $cidr 10.255.255.2 xvrf_$zoneid";
	209	}
	210	push(@{$config->{frr}->{''}}, @controller_config);
	211	}
	212
32602a38	213	sub on_delete_hook {
56cdcac9	214	my ($class, $controllerid, $zone_cfg) = @_;
32602a38	215
56cdcac9 AD	216	# verify that zone is associated to this controller
56cdcac9 AD	217	foreach my $id (keys %{$zone_cfg->{ids}}) {
92526f0e TL	218	my $zone = $zone_cfg->{ids}->{$id};
	219	die "controller $controllerid is used by $id"
	220	if (defined($zone->{controller}) && $zone->{controller} eq $controllerid);
5bda8607	221	}
32602a38 AD	222	}
	223
	224	sub on_update_hook {
56cdcac9	225	my ($class, $controllerid, $controller_cfg) = @_;
5bda8607	226
c7bb4ac5 AD	227	# we can only have 1 evpn controller / 1 asn by server
c7bb4ac5 AD	228
f23633dc	229	my $controllernb = 0;
56cdcac9 AD	230	foreach my $id (keys %{$controller_cfg->{ids}}) {
56cdcac9 AD	231	next if $id eq $controllerid;
92526f0e	232	my $controller = $controller_cfg->{ids}->{$id};
f23633dc AD	233	next if $controller->{type} ne "evpn";
	234	$controllernb++;
	235	die "only 1 global evpn controller can be defined" if $controllernb > 1;
	236	}
	237	}
	238
	239	sub find_bgp_controller {
	240	my ($nodename, $controller_cfg) = @_;
	241
	242	my $controller = undef;
	243	foreach my $id (keys %{$controller_cfg->{ids}}) {
	244	$controller = $controller_cfg->{ids}->{$id};
	245	next if $controller->{type} ne 'bgp';
	246	next if $controller->{node} ne $nodename;
	247	last;
5bda8607	248	}
f23633dc AD	249
f23633dc AD	250	return $controller;
32602a38 AD	251	}
32602a38 AD	252
f23633dc	253
8fb1ee7f AD	254	sub sort_frr_config {
	255	my $order = {};
	256	$order->{''} = 0;
	257	$order->{'vrf'} = 1;
	258	$order->{'ipv4 unicast'} = 1;
	259	$order->{'ipv6 unicast'} = 2;
	260	$order->{'l2vpn evpn'} = 3;
bbf4e4b1	261	$order->{'route-map'} = 200;
8fb1ee7f AD	262
	263	my $a_val = 100;
	264	my $b_val = 100;
	265
	266	$a_val = $order->{$a} if defined($order->{$a});
	267	$b_val = $order->{$b} if defined($order->{$b});
	268
92526f0e	269	if ($a =~ /bgp (\d+)$/) {
8fb1ee7f AD	270	$a_val = 2;
	271	}
	272
92526f0e	273	if ($b =~ /bgp (\d+)$/) {
8fb1ee7f AD	274	$b_val = 2;
	275	}
	276
	277	return $a_val <=> $b_val;
	278	}
	279
	280	sub generate_frr_recurse{
	281	my ($final_config, $content, $parentkey, $level) = @_;
	282
	283	my $keylist = {};
	284	$keylist->{vrf} = 1;
	285	$keylist->{'address-family'} = 1;
	286	$keylist->{router} = 1;
bbf4e4b1	287	$keylist->{'route-map'} = 1;
8fb1ee7f AD	288
	289	my $exitkeylist = {};
	290	$exitkeylist->{vrf} = 1;
	291	$exitkeylist->{'address-family'} = 1;
	292
92526f0e	293	# FIXME: make this generic
8fb1ee7f	294	my $paddinglevel = undef;
92526f0e TL	295	if ($level == 1 \|\| $level == 2) {
92526f0e TL	296	$paddinglevel = $level - 1;
8fb1ee7f	297	} elsif ($level == 3 \|\| $level == 4) {
92526f0e	298	$paddinglevel = $level - 2;
8fb1ee7f AD	299	}
	300
	301	my $padding = "";
	302	$padding = ' ' x ($paddinglevel) if $paddinglevel;
	303
92526f0e	304	if (ref $content eq 'HASH') {
8fb1ee7f AD	305	foreach my $key (sort sort_frr_config keys %$content) {
8fb1ee7f AD	306	if ($parentkey && defined($keylist->{$parentkey})) {
92526f0e TL	307	push @{$final_config}, $padding."!";
	308	push @{$final_config}, $padding."$parentkey $key";
	309	} elsif ($key ne '' && !defined($keylist->{$key})) {
	310	push @{$final_config}, $padding."$key";
8fb1ee7f AD	311	}
	312
	313	my $option = $content->{$key};
	314	generate_frr_recurse($final_config, $option, $key, $level+1);
	315
	316	push @{$final_config}, $padding."exit-$parentkey" if $parentkey && defined($exitkeylist->{$parentkey});
	317	}
	318	}
32602a38	319
8fb1ee7f	320	if (ref $content eq 'ARRAY') {
92526f0e	321	push @{$final_config}, map { $padding . "$_" } @$content;
8fb1ee7f AD	322	}
	323	}
	324
9cef13e9	325	sub generate_controller_rawconfig {
8fb1ee7f AD	326	my ($class, $plugin_config, $config) = @_;
8fb1ee7f AD	327
659c27c2 AD	328	my $nodename = PVE::INotify::nodename();
659c27c2 AD	329
8fb1ee7f AD	330	my $final_config = [];
8fb1ee7f AD	331	push @{$final_config}, "log syslog informational";
659c27c2 AD	332	push @{$final_config}, "ip forwarding";
659c27c2 AD	333	push @{$final_config}, "ipv6 forwarding";
67a0f815	334	push @{$final_config}, "frr defaults datacenter";
659c27c2 AD	335	push @{$final_config}, "service integrated-vtysh-config";
659c27c2 AD	336	push @{$final_config}, "hostname $nodename";
8fb1ee7f AD	337	push @{$final_config}, "!";
8fb1ee7f AD	338
0d1ab7dc	339	if (-e "/etc/frr/frr.conf.local") {
0d1ab7dc AD	340	generate_frr_recurse($final_config, $config->{frr}->{vrf}, "vrf", 1);
	341	push @{$final_config}, "!";
	342
cdf2c819 TL	343	my $local_conf = file_get_contents("/etc/frr/frr.conf.local");
	344	chomp ($local_conf);
	345	push @{$final_config}, $local_conf;
0d1ab7dc AD	346	} else {
	347	generate_frr_recurse($final_config, $config->{frr}, undef, 0);
	348	}
8fb1ee7f AD	349
	350	push @{$final_config}, "!";
	351	push @{$final_config}, "line vty";
	352	push @{$final_config}, "!";
	353
	354	my $rawconfig = join("\n", @{$final_config});
	355
9cef13e9 AD	356	return if !$rawconfig;
	357	return $rawconfig;
	358	}
	359
	360	sub write_controller_config {
	361	my ($class, $plugin_config, $config) = @_;
	362
	363	my $rawconfig = $class->generate_controller_rawconfig($plugin_config, $config);
8fb1ee7f AD	364	return if !$rawconfig;
	365	return if !-d "/etc/frr";
	366
cdf2c819	367	file_set_contents("/etc/frr/frr.conf", $rawconfig);
8fb1ee7f AD	368	}
8fb1ee7f AD	369
fa609bdd AD	370	sub reload_controller {
	371	my ($class) = @_;
	372
	373	my $conf_file = "/etc/frr/frr.conf";
659c27c2 AD	374	my $bin_path = "/usr/lib/frr/frr-reload.py";
	375
	376	if (!-e $bin_path) {
	377	warn "missing $bin_path. Please install frr-pythontools package";
	378	return;
	379	}
fa609bdd AD	380
	381	my $err = sub {
	382	my $line = shift;
659c27c2 AD	383	if ($line =~ /ERROR:/) {
659c27c2 AD	384	warn "$line \n";
fa609bdd AD	385	}
	386	};
	387
	388	if (-e $conf_file && -e $bin_path) {
cdf2c819	389	run_command([$bin_path, '--stdout', '--reload', $conf_file], outfunc => {}, errfunc => $err);
fa609bdd AD	390	}
	391	}
	392
8fb1ee7f	393	1;
32602a38	394
0589eb09	395